Method for obtaining authenticity identification devices for using services in general, and device obtained thereby
First Claim
1. A method for obtaining authenticity identification devices usable for services in general wherein authenticity is guaranteed without resorting to a manufacturer of the device to ensure its validity, said method comprising the steps of:
- using an identification device provided with only one read-only area which is writable only at the manufacturing time, and at least one writable area, said one read only area and said at least one writable area being freely externally readable by an external device, a first permanent and unique code being applied to said read-only area by the manufacturer of the identification device at the manufacturing time, said first permanent and unique code being freely externally readable;
- having a service provider apply to said at least one writable area a second code, said second code being obtained by computing, by means of an encryption function having a secret encryption key, the joining in predetermined positions of said first permanent unique code and of a message, said second code being freely externally readable;
- said identification device being externally validated through decryption of said second code by means of a decryption key, a portion of said decrypted second code arranged in a predetermined position being compared with said first permanent and unique code to verify the authenticity of the identification device and of the message applied to said at least one writable area.
Abstract
Method for obtaining authenticity identification devices for using services in general wherein authenticity is guaranteed without resorting to the manufacturer of the device to ensure its validity; the method has the particularity that it consists in preparing an identification device with a read-only area and at least one writable area; the manufacturer of the device applies a first permanent and always different code to the read-only area. The service provider applies to the writable area a second code obtained by means of one-way functions that have a secret encryption key by computing the first permanent code. The identification device validated with the second code can be verified by means of a decryption key which may optionally be public.
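The issue-and-validate flow described above, as an added Python example that is not part of the patent. The patent names no algorithm; unpadded RSA is swapped in here as one function whose decryption key can be public, with a constructed toy key built from two publicly known Mersenne primes (no security), and the 8-byte code length, marker byte and sample values are assumptions.

```python
# Constructed demo key: both primes are publicly known Mersenne primes, so this
# key protects nothing; it only makes the arithmetic runnable offline.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q
E = 65537                              # decryption (verification) key, may be public
D = pow(E, -1, (P - 1) * (Q - 1))      # secret key held only by the service provider

UID_LEN = 8        # assumed length of the manufacturer's read-only code
UID_OFFSET = 1     # predetermined position of that code inside the block
MARKER = b"\x01"   # assumed marker byte; keeps the block length stable as an integer


def issue_second_code(uid: bytes, message: bytes) -> int:
    """Service provider: join code and message at fixed positions, apply secret key."""
    if len(uid) != UID_LEN:
        raise ValueError("first code has the wrong length")
    m = int.from_bytes(MARKER + uid + message, "big")
    if m >= N:
        raise ValueError("message too long for this key")
    return pow(m, D, N)


def validate(uid_on_device: bytes, second_code: int):
    """Verifier: recover the block with the public key, compare the code portion.
    Returns the message if the device is authentic, otherwise None."""
    if not 0 < second_code < N:
        return None
    m = pow(second_code, E, N)
    block = m.to_bytes((m.bit_length() + 7) // 8, "big")
    if len(block) < UID_OFFSET + UID_LEN or block[:1] != MARKER:
        return None
    if block[UID_OFFSET:UID_OFFSET + UID_LEN] != uid_on_device:
        return None                    # second code was issued for another device
    return block[UID_OFFSET + UID_LEN:]


if __name__ == "__main__":
    genuine_uid = bytes.fromhex("04a1b2c3d4e5f601")   # constructed sample values
    blank_uid = bytes.fromhex("04ffeeddccbbaa02")
    code = issue_second_code(genuine_uid, b"credit=20")
    print("genuine device:", validate(genuine_uid, code))
    # Copying the freely readable second code onto another device fails, because
    # that device's read-only code cannot be rewritten to match.
    print("copied to other device:", validate(blank_uid, code))
```

The verifier needs only the public values `N` and `E`, which is why validation does not depend on the manufacturer or on access to the secret key.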
10 Claims
10. An authenticity identification device, comprising a card having a read-only area predefined at the manufacturing time and at least one writable area, a first permanent and unique code being placed in said read-only area by the manufacturer of the card, and a second code being placed in said at least one writable area, said second code being obtained by computing said first permanent and unique code and a message by means of an encryption function that uses a secret encryption key, said second code being linked to said first code in an unidentifiable way by means of said secret encryption key, said second code being formed by said first code arranged in a predetermined position and by said message appended thereto.
Specification